Levels of validation

Klaus Ethgen klaus+gnupg at ethgen.ch
Sun Jan 2 15:05:03 CET 2022

Hi Christoph,

Am So den  2. Jan 2022 um 14:39 schrieb Christoph Klassen via Gnupg-users:
> in the GNU Privacy Handbook there are mentioned two levels of trust and
> validation: marginal and full
> (https://www.gnupg.org/gph/en/manual.html#AEN335). Is this information still
> correct?

Yes. But depends on your trust-model setting (see man page).

> Because, when I edit the trust of a key, I can select both if these
> options, but can also decide to trust a key ultimately. That's why I was
> wondering, if there are still only the two levels and if the conditions for
> a valid key are still the same.

The trust "ultimative" should only set to your very own keys! You
never use that setting for anything else.

The trust "full" is for keys that are fully trusted, either by you
having signed it with an ultimative trusted key or depending on the
trust model by signed from multiple other trusted keys or by TOFU...

The trust "marginal" is for keys that got not enough trust to be fully

Klaus Ethgen                                       http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16            Klaus Ethgen <Klaus at Ethgen.ch>
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 688 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220102/ffd65166/attachment.sig>

More information about the Gnupg-users mailing list